Commit Graph

238 Commits

Author SHA1 Message Date
elad
e99760e7e4 Fold KAUTH_REQ_PROCESS_SCHEDULER_* to KAUTH_PROCESS_SCHEDULER_*. In other
words, don't pass an action and a request, and just use a single action to
indicate what is the operation in question.

This is the first step in fixing PR/37986, which calls for policy/priority
checking in the secmodel code. Right now we're lacking room for another
parameter required to make a decision, and this change makes room for such.
2008-02-16 16:39:34 +00:00
elad
365cb5272e Use KAUTH_ARG(), from hannken@ - thanks! 2008-01-23 19:06:59 +00:00
elad
b97e1dc060 Use SCARG() to get pid, we don't have it as a local.
Spotted by hannken@, thanks!
2008-01-23 17:55:40 +00:00
elad
c27d5f30b6 Tons of process scope changes.
- Add a KAUTH_PROCESS_SCHEDULER action, to handle scheduler related
    requests, and add specific requests for set/get scheduler policy and
    set/get scheduler parameters.

  - Add a KAUTH_PROCESS_KEVENT_FILTER action, to handle kevent(2) related
    requests.

  - Add a KAUTH_DEVICE_TTY_STI action to handle requests to TIOCSTI.

  - Add requests for the KAUTH_PROCESS_CANSEE action, indicating what
    process information is being looked at (entry itself, args, env,
    open files).

  - Add requests for the KAUTH_PROCESS_RLIMIT action indicating set/get.

  - Add requests for the KAUTH_PROCESS_CORENAME action indicating set/get.

  - Make bsd44 secmodel code handle the newly added rqeuests appropriately.

All of the above make it possible to issue finer-grained kauth(9) calls in
many places, removing some KAUTH_GENERIC_ISSUSER requests.

  - Remove the "CAN" from KAUTH_PROCESS_CAN{KTRACE,PROCFS,PTRACE,SIGNAL}.

Discussed with christos@ and yamt@.
2008-01-23 15:04:38 +00:00
ad
77e0b2120f Patch up sysctl locking:
- Lock processes, credentials, filehead etc correctly.
- Acquire a read hold on sysctl_treelock if only doing a query.
- Don't wire down the output buffer. It doesn't work correctly and the code
  regularly does long term sleeps with it held - it's not worth it.
- Don't hold locks other than sysctl_lock while doing copyout().
- Drop sysctl_lock while doing copyout / allocating memory in a few places.
- Don't take kernel_lock for sysctl.
- Fix a number of bugs spotted along the way
2008-01-07 16:12:52 +00:00
dsl
6fb2884c3a regen 2007-12-20 23:07:25 +00:00
dsl
7e2790cf6f Convert all the system call entry points from:
int foo(struct lwp *l, void *v, register_t *retval)
to:
    int foo(struct lwp *l, const struct foo_args *uap, register_t *retval)
Fixup compat code to not write into 'uap' and (in some cases) to actually
pass a correctly formatted 'uap' structure with the right name to the
next routine.
A few 'compat' routines that just call standard ones have been deleted.
All the 'compat' code compiles (along with the kernels required to test
build it).
98% done by automated scripts.
2007-12-20 23:02:38 +00:00
dsl
28bae79b27 ANSIfy most of the function definitions in sys/compat (but not ndis).
All by the magic of sed ...
2007-12-08 18:35:53 +00:00
dsl
f2af9174b9 Remove all the __P 2007-12-04 18:40:07 +00:00
ad
a2a3828545 machine/{bus,cpu,intr}.h -> sys/{bus,cpu,intr}.h 2007-10-19 11:59:34 +00:00
ad
63c4506184 Changes to make ktrace LKM friendly and reduce ifdef KTRACE. Proposed
on tech-kern.
2007-08-15 12:07:23 +00:00
christos
1b3668b8ef use the compat MFSNAMELEN 2007-07-17 20:33:17 +00:00
dsl
12da34644a Update generated files. 2007-07-13 20:49:07 +00:00
dsl
f02523fb6e Remove all the syscall stubs that were only there to get files lookup
up in the alternate path.
2007-07-13 20:48:39 +00:00
dsl
758f9f5cde Change compat mount code to pass do_sys_mount() kernel resident buffers.
Possibly the standard nfs code needs teaching how to set the length and
address family in order to support non-netbsd sockaddr.
There are now no active stackgap() calls in the compat tree.
2007-07-12 19:41:57 +00:00
dsl
e773713d08 Comment out support for FREEBSD_PT_READ_U and FREEBSD_PT_WRITE_U.
It all looks like a rather broken hack.
If nothing else it accesses userspace without copyin/out.
2007-06-23 15:24:26 +00:00
christos
20bfd9898e Add a sockaddr_storage member to "struct ifreq" maintaining backwards
compatibility with the older ioctls. This avoids stack smashing and
abuse of "struct sockaddr" when ioctls placed "struct sockaddr_foo's" that
were longer than "struct sockaddr".
XXX: Some of the emulations might be broken; I tried to add code for
them but I did not test them.
2007-05-29 21:32:27 +00:00
dsl
b8fbaf8c4b Change the way that emulations locate files within the emulation root to
avoid having to allocate space in the 'stackgap'
  - which is very LWP unfriendly.
The additional code for non-emulation namei() is trivial, the reduction for
  the emulations is massive.
The vnode for a processes emulation root is saved in the cwdi structure
  during process exec.
If the emulation root the TRYEMULROOT flag are set, namei() will do an initial
  search for absolute pathnames in the emulation root, if that fails it will
  retry from the normal root.
".." at the emulation root will always go to the real root, even in the middle
  of paths and when expanding symlinks.
Absolute symlinks found using absolute paths in the emulation root will be
  relative to the emulation root (so /usr/lib/xxx.so -> /lib/xxx.so links
  inside the emulation root don't need changing).
If the root of the emulation would be returned (for an emulation lookup), then
  the real root is returned instead (matching the behaviour of emul_lookup,
  but being a cheap comparison here) so that programs that scan "../.."
  looking for the root dircetory don't loop forever.
The target for symbolic links is no longer mangled (it used to get the
  CHECK_ALT_xxx() treatment, so could get /emul/xxx prepended).
CHECK_ALT_xxx() are no more. Most of the change is deleting them, and adding
  TRYEMULROOT to the flags to NDINIT().
A lot of the emulation system call stubs could now be deleted.
2007-04-22 08:29:55 +00:00
ad
c147748d84 - Make the proclist_lock a mutex. The write:read ratio is unfavourable,
and mutexes are cheaper use than RW locks.
- LOCK_ASSERT -> KASSERT in some places.
- Hold proclist_lock/kernel_lock longer in a couple of places.
2007-03-09 14:11:22 +00:00
christos
53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
cube
632ece3eaf Introduce a new member to struct emul, e_startlwp, to be used by
sys__lwp_create.  It allows using the said syscall under COMPAT_NETBSD32.

The libpthread regression tests now pass on amd64 and sparc64.
2007-02-19 15:10:02 +00:00
dsl
c7907fd992 Factor out the replicated code that verifies that the caller is allowed
to acces the required process into a separate function (hi cut and paste).
Acquire the proclist_lock across p_find().
2007-02-18 09:45:39 +00:00
ad
b07ec3fc38 Merge newlock2 to head. 2007-02-09 21:55:00 +00:00
elad
1113a3afe4 Consistent usage of KAUTH_GENERIC_ISSUSER. 2007-01-05 15:40:51 +00:00
christos
168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
christos
9e34b4bbee ktruser checks for length now. 2006-10-22 18:18:49 +00:00
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
dbj
2df12fb8b5 use _KERNEL_OPT instead of _LKM to check whether to include "opt_ktrace.h" 2006-09-24 21:44:58 +00:00
dogcow
e15e9231e6 opt_ktrace.h doesn't exist when building LKMs. 2006-09-24 05:48:27 +00:00
manu
63ac93df54 Add sysctl tracing to emulations.
While we are there, fix a bug in FreeBSD sysctl emulation: use copyin for
moving data to the kernel
2006-09-23 22:11:59 +00:00
matt
2e04559304 When calling PTRACE from an LKM, use sysent[SYS_ptrace].sy_call in case
the sys_ptrace symbol isn't present.
2006-09-01 21:20:46 +00:00
matt
280b69066a Regen. 2006-09-01 21:19:44 +00:00
matt
30183e299f Don't conditionalize *sys_ptrace. The lack of sys_ptrace will be dealt
with differently.
2006-09-01 20:58:18 +00:00
he
3e73ce6bef Protect the include of "opt_ptrace.h" by _KERNEL_OPT. 2006-08-31 15:01:56 +00:00
matt
5efede10eb Regen (for PTRACE). 2006-08-30 11:05:14 +00:00
matt
181c494b95 Update for options PTRACE 2006-08-30 11:04:37 +00:00
christos
df04aa6566 fix incomplete initializer 2006-08-30 02:02:21 +00:00
martin
b4cb63a646 Make filehandles opaque to userland 2006-07-31 16:34:42 +00:00
martin
f956f13e21 Step 1 to make filehandles completely opaque to userland 2006-07-31 16:32:51 +00:00
ad
f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
martin
508a062fec Make freebsd_sys_getfh use compat_30_sys_getfh 2006-07-13 16:28:38 +00:00
mrg
1b7ff51599 regenerate. 2006-06-26 21:30:50 +00:00
mrg
e2eb31d3a3 version the socket(2) syscall. for compat30 socket, we use
EPROTONOSUPPORT instead of EAFNOSUPPORT.

from pavel@ with a little bit of clean up from myself.

XXX: netbsd32 (and perhaps other emulations) should be able
XXX: to call the standard socket calls for this i think, but
XXX: revisit this at another time.
2006-06-26 21:23:56 +00:00
elad
874fef3711 integrate kauth. 2006-05-14 21:19:33 +00:00
christos
89a5572015 Regen 2006-05-04 17:50:28 +00:00
christos
9ec9aed92e fhstat needs to be versioned too (for ino_t). Pointed out by Izumi Tsutsui 2006-05-04 17:48:56 +00:00
christos
95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
christos
82eba32c06 need compat/sys/shm.h 2005-11-10 18:47:53 +00:00
christos
c83d281198 Forgot to reverse the conditional test. 2005-09-13 16:35:24 +00:00
christos
063b880cf0 compat code reorg. 2005-09-13 01:42:32 +00:00